Copyright Office Seeks To Make It More Difficult To Retain DMCA Safe Harbors

from the of-course-they-are dept

Almost missed this one, but Eric Goldman alerts us to the dozen comments filed with the US Copyright Office concerning its plan to force everyone to keep re-registering their official DMCA agent in order to keep retaining the DMCA's safe harbors. As we've discussed in the past, in order to make use of the DMCA's safe harbors, you have to register an official DMCA agent with the Copyright Office. In fact, we've suggested that anyone running a blog or forum site do exactly that. Many of the companies that were successfully sued by Righthaven (before it was discovered Righthaven didn't really have the copyrights it needed) were caught because they failed to register a DMCA agent. While I think that such sites could make a reasonable argument in court that they still were not liable, it's a lot more difficult (and costly) to do so.

However, for reasons that escape me, the Copyright Office is thinking of making it much easier for companies to lose their safe harbor protections by requiring them to regularly re-register with the Copyright Office, or have their agent tossed out. This is part of a larger -- and useful -- effort to make the process of registering electronic, rather than the paper one it is today. That's a good thing. But dumping the database and requiring periodic re-registering is fraught with problems. The Copyright Office appears to defend this process on two grounds: first that some companies have gone out of business, and yet their DMCA agent listings live on and second, that copyright holders may want to know if a service provider is in compliance on the date of infringement.

These outdated entries
impose little cost on prospective rightsholders using the database, however, since few
rightsholders will ever want to send takedown notices to a service provider that no longer
exists. This scenario does not justify any substantial compliance costs on the industry, startups, or members of the public who would want to claim safe harbor protections.

The second reason is equally mystifying:

However, existing [law] already requires registrations of agents to be dated, such that
Copyright Office records can already enable rightsholders to ascertain whether a service
provider was in compliance on a particular data. This proposed feature therefore does not
provide sufficient value to justify new regulatory obligations.

The CCIA piece also notes that this retroactive yanking of safe harbors almost certainly goes against the law, as the Copyright Office has no mandate under the safe harbors of the DMCA to remove such safe harbors just because it doesn't like the fact that there are a few "dead" entries in the database. The biggest issue, of course, is that this imposes significant compliance costs on pretty much anyone running a website that wishes to avail themselves of the DMCA's safe harbors. Even worse, simply forgetting to re-register your DMCA agent when the time comes could cause you to lose the protections entirely. That seems ridiculous.

Others who came out against this insanity include Public Knowledge (pdf), EFF, with Jason Schultz & Eric Goldman (pdf) and Microsoft (pdf). There's also a short and sweet filing from Matthew Neco (the only individual who filed a comment by himself), which notes that it would be an "unreasonable burden" to have to keep re-filing. It notes that a simple calendaring mistake might lead to the loss of safe harbor protections which would be "draconian" for such a simple mistake.

Amazingly, the MPAA actually appears to kinda/sorta agree with those above (pdf) in saying that "resubmitting designations
through the online form may be costly and burdensome for
those companies with a large number of designations if
separate manual entry of new forms for every existing
designation is required." It later warns that this "risks being a trap for the unwary." Of course, rather than totally coming out against the idea, the MPAA says that the Copyright Office should "make clear in the designation process that failure to
keep the records current (in the Copyright Office database and
on the service providers' own websites) is a basis for losing
DMCA safe-harbor protection." Yes, because putting a single sentence on the website will keep it from being a trap for the unwary. Huh?

On the other side of the coin entirely is the RIAA who enthusiastically supports anything that might weaken the DMCA's safe harbors. It goes so far into the ridiculous as to call such periodic re-registrations as "essential," apparently ignoring all of the legal points raised by the other filings. Somewhat surprisingly, both Verizon and the Internet Commerce Coalition don't seem to think it's that big of a deal to have to re-register every couple of years, and each provides minor suggestions for making the process simpler.

Others weighing in on the request for comment seem to focus on other issues. Google has a short comment (pdf) about why it doesn't make sense to require service providers to file separately for every subdomain, and separately argues that takedown notices should be written, rather than allowing phone calls. A bunch of organizations representing rural and small telecom companies focus (pdf) on making sure third parties can maintain and update the agent info.

Then... there's the filing of MiMTiD (pdf). If you don't recall, we've written about the anti-piracy outfit MiMTiD a few times in the past, and it always has to do with some wacky, totally detached from reality, argument the company has -- such as claiming that it's infringing to pass on DMCA takedown notices to ChillingEffects.org, or that the music industry has been destroyed, because Congress preferred to protect Farmville rather than record labels. Not surprisingly, MiMTiD's filing is more of the same. Much of it simply complains about Google:

From what we understand, Google takes it upon itself to conduct a manual
investigation of each infringing link identified and ultimately decides, using
unpublished criteria, whether or not Google agrees with the copyright owner that
the link is indeed an infringement of the relevant copyright owner’s rights. As
noted above, all notices sent by MiMTiD on behalf of copyright owners are
DMCA compliant, so they satisfy the extensive, carefully-crafted criteria that
Congress established for a notice to be valid.

The DMCA also provides other built-in safeguards and checks and balances, such
as a counter-notice process for a party to object to the removal of its content and
penalties against copyright owners that abuse the notice process. Nonetheless,
Google inserts itself as an extra-statutory, self-appointed arbiter of the validity of
DMCA-compliant notices that Congress has already determined as valid under the
statute. If Google does not unilaterally agree that the links submitted in a take
down notices are infringing, under whatever standard it chooses to use, Google
informs the copyright owner or its agent as follows: "In accordance with the
Digital Millennium Copyright Act, we have completed processing your
infringement complaint. ... At this time, Google has decided not to take action on
these URLs: [list of ignored links]".

I'm not sure what that has to do with anything in the RFC from the Copyright Office. It also seems to suggest a misunderstanding of the DMCA. That is, it seems to suggest that if you send a DMCA compliant takedown, the service provider must remove the content. But that's not true at all. They only have to do that if they want to retain safe harbors. But if they believe the notice is bunk, and there's nothing to fear from a lawsuit, they don't have to remove the material at all.

When MiMTiD finally gets around to the RFC, it still doesn't appear to understand what it's talking about. It seems to not realize that the DMCA already requires service providers to designate an agent, and instead suggests what a great idea it would be to have that requirement (seriously):

Therefore, we support the proposal to require "Designation of Agent To Receive
Notification of Claimed Infringement", which we believe will enable the DMCA
to function as contemplated by Congress by eliminating confusion and
inefficiencies, enabling a party to object to the removal of the content and the
alleged infringing links from search, enabling these websites to pursue penalties
against copyright owners that abuse the notice process and requiring websites
seeking to receive the benefits of section 512 to be required to file designation of
an agent.

Yeah. Perhaps the reason Google rejects some of your takedowns is because you don't understand the DMCA... Just saying...

Another Analysis/Concern

By my count there are currently 13,434 online service providers in the Copyright Office's index.

Base Fee
1998-2002 $20
2002-2006 $30
2006-2008 $80
2008-Present $105

Alternate Name Stats
8,311 have submitted at least one alternate name
3,443 have one alternate name
1,840 have two alternate names
918 have three alternate names
10,956 alternate name fees payed (current rate is $30 for every 10)
46,805 alternate names in total

A small sample I made of the PDF files in the index ranged from 70KB-170KB. Roughly estimated the index probably takes up between 1.5-2GB (not including their backups). For a 13,434 entry database with 46,805 aliases, a digital conversion would reduce the index's footprint to a few hundred megabytes(not including backups or the proposed revision database). A small database like that would make it easier for rightsholders to download a full list of current contacts.

One huge downside is that they'll be displaying email addresses in plaintext for the first time. This will increase the number of rightsholders using completely automated systems(web spiders attached to a DMCA notice mailer that hits on certain keywords) and of course spam in general. While I don't care much about the spam issue (99% of spam could probably be weeded out if emails not including the required electronic signatures were disregarded) an increase in bogus notices would have a net effect of slowing down processing times and increase the amount of non-infringing content taken down. There should be penalties for sending bogus notices before they go forward with this plan.

We should make copy protection laws opt in and make copy protection privilege holders re-register their privileges every so often. We should also make copy protection lengths last a reasonable period of time. Instead, we have the opposite.

Re:

Why not just say "Forever"? If the term of copyright is going to be extended another 20 years every time some certain privileged copyright is about to expire, it might as well be "Forever."

Long, long ago the term of copyright was 14 years. The purpose of copyright as I recall, was to encourage the creation of new works. Many new works are built on previous works. When the term of a copyright was 14 years this was possible. Now that everything is locked up airtight for potentially well over a century and adding another 20 years every time the copyright on Mickey Mouse is about to expire, all today's works will be dead and forgotten, and the media they are recorded on rotted to dust by time the copyrights on them expire, if ever they do. And that means there will be no old works left to build on and centuries of culture will be lost forever.

Copyright today has become nothing more than a gravy train for the organized entertainment industry, with the added bonus of being able to sue and ruin anybody they want for the slightest infringement of their Most_Holy_Copyright.

Shouldn't we be able to find someone on staff that can slip in a small clause that changes this rule to cover copyright instead of safe harbors then give him a high paying job later? I almost worked for them....

Safe Harbor is a joke. Rather than SOPA, Congress should throw out the Safe Harbor provision of the DMCA. Sites that feature stolen content (and earn money from it) should be forced to vet the content for copyright clearance. If they do it for no money, they don't have to. That would get rid of those who ignore copyright law to line their own pockets and leave those doing public service (not many) untouched.

Re:

Re:

And gun manufactures should verify that it is not being used in a crime before the trigger fires the bullet.

And car manufacturers should verify that the car will not be used in a crime ( or speed or similar driving offense) before the engine will transfer power to the wheels.

And alcohol manufacturers should verify that the drink is not being consumed illegally, or be used for date rape or other similar activities before the bottle/can is opened.

Unless you support all of the above actions, you are a hypocrite. As the above mentioned items are only tools, just as a website is only a tool. It's either punish all tool makers for how they are used, or don't blame the tool, but the perpetrator of the alleged criminal (above items) or civil (copyright violations) offenses.

I know what my choice would be. I couldn't imagine a world where a beneficial tool could be outlawed and held liable for the use by even one member of society. Who would actually take the risk to invent anything (Ok, i can see the RIAA et al liking this, as there would be very few interruptions to their business model that they would have to adapt to, which really is what they want)

Re:

"Sites that feature stolen content (and earn money from it) should be forced to vet the content for copyright clearance."

...and when they do this and infringing content slips through anyway (as it's impossible to accurately filter, even for the copyright holders), what then? The safe harbour provisions shield the service provider from liability for the actions of its users. What will protect this innocent party from prosecution in it's removed?

The likely answer? Nothing. YouTune, etc. are much easier targets than going after the people actually responsible for infringement. Without safe harbours, YouTube would be sued into the ground, and not a single person actually responsible for infringement would be punished. You're supporting legal action against the postal services because some of its customers sent pirated DVDs. Think about that.

"That would get rid of those who ignore copyright law to line their own pockets and leave those doing public service (not many) untouched."

Except it would do no such thing, and have a huge number of unintended consequences. Pirates would still pirate, but platforms for independent and new artists would be removed for fear of being liable for the actions of their users.

A nice situation if you're part of a corporation that doesn't wish to adapt to the modern world. Not so much for the rest of us.

Re:

AC you are so right. I wish they would fix Safe Harbor and Copyright so we could go after the real criminals like Disney, which has stolen untold millions from the public domain. This is the kind of piracy and pillaging we should be attacking!

Re:

Re:

So you really think that it's feasible for (e.g.) Google to vet the content of every single Gmail message and attachment against a database of every single copyrighted work?

You, sir or madam, are an idiot.

Here's a better idea: how about changing your obsolete business model, rather than shoving the cost of your failure to innovate off on the rest of society? Note that Apple has made a fortune by doing this. It turns out that most people would rather pay 99 cents and get the song they want instantly and legally rather than prowling through a bunch of dodgy web sites to get it for "free".

Re:

The Safe Harbor provisions of the DMCA are the only saving grace of an otherwise terrible piece of legislation. While I agree that those offering infringing (not stolen) content and not profiting from it should be held harmless and not liable, it simply isn't possible for large sites like Youtube to "vet the content for copyright clearance". I believe the statistic is that Youtube receives 48 hours of content every single minute. There is no possible way to screen that amount of content. Safe Harbors are absolutely necessary for the internet to function with user generated content. The only alternative is to make it a broadcasting platform which completely undermines the greatest communication medium ever conceived.

If they are concerned about dead companies then they only need to deal with this problem separately. Best idea IMO is that if the business ceases trading for 12 months then their DMCA safe-harbour status is lost and they need to reapply should they later restart.

Changing status under safe-harbour I expect opens a company up to being sued and they can always seek classification under the law if needed.

GoDaddy strikes again

If they did this insane thing - wouldn't it make sense to tie in dmca registration in with DNS which has similar terms of renewal? This gives the ISP's an opportunity to bill you twice per registration, cream a little off the top and ostensibly provide a 'public service?'

Makes sense since they are trying so hard to make sure the ISP's are complicit in everything

Re: It is a money grab, pure and simple

I would agree with you. There is absolutely no other reasonable explanation as to why this would be proposed other than revenue generation. If that's what it's about than just say so. No BS about trying to justify this as beneficial or other such nonsense. Say we need the money, and we'll make it easy to auto-renew with an automatic billing feature for the renewal fee so that unless the payment account changes without notice there will never be a lapse in coverage. There should be a mandatory opt-out notice sent each year, and if not responded to, the provider should automatically be billed and their agent renewed. There... problem solved. No lapse in coverage, transparency towards the revenue generation, and life goes on. Why do we always have to go through this bullshit song and dance routine?!?!

To be clear, I do not support this change, but if it has to happen, then making sure there isn't an administrative burden to renew or the possibility for a lase in coverage due to a "calendaring" mistake is essential.

Re: Re: It is a money grab, pure and simple

Re: Re: It is a money grab, pure and simple

Did anyone in the corporate entertainment business ever consider this: If you sink the ship you're riding on, you're going down with it?

Entertainment industry mentality reminds me of a foolish steam engine operator who would tie down the pressure release valve in an effort to get more power out of the engine. Do that, and sooner or later the boiler is going to blow, and that will be the end of the steam engine and everything around it.

The Copyright Office works for.................

..........copyright holders, and the copyright holders alone. The public interest be damned is their motto, and I think a serious look at how many employees of this office later obtain gainful employment in the copyright MAFIAA is eminently warranted. Kind of like the generals and the military industrial complex.

Re:

Why Keep Registering?

I'm having a dispute with the Wash Post that may explain why. They won't let me go three pages deep on a long story like the one about Obama's deep commitment to Drones which ran the other day. When I reach that third page, Wash Post wants my email address and password. Only the password is no longer any good, they want me to change it. For a long time I did. Then I discovered even their new password wouldn't get me beyond page 2. I deduce they have discovered I'm a copier and paster for emails. They don't want me doing that for their long important stories. When I write them, which is difficult, they respond obtusely, like they can't understand what my problem is. I no longer believe them. The only reason they string me and others like me along, is to create an in-house metric they can count which measures the continuing 'interest' of copiers and pasters they are denying complete access to their website. The Copyright Office too may be simply trying to be certain its constituency is 'serious enough' to keep meeting the egregious standard of participation. I don't even care about the Wash Post anymore, but I still play the game to mislead them into believing otherwise.